commit message title: Add notebook feature to Experimental Lab with Mapbox integration

Author: atonixdev

backend/accounts/auth_views.py

@@ -20,12 +20,16 @@
 def _cookie_params() -> dict:
     # In production behind HTTPS, cookies must be Secure.
     secure = not settings.DEBUG
-    return {
+    params = {
         "httponly": True,
         "secure": secure,
         "samesite": "Lax",
         "path": "/",
     }
+    domain = getattr(settings, 'COOKIE_DOMAIN', None)
+    if domain:
+        params["domain"] = domain
+    return params
 
 
 class CsrfView(APIView):

backend/config/settings.py

@@ -280,6 +280,13 @@
 CSRF_COOKIE_SAMESITE = config('CSRF_COOKIE_SAMESITE', default='Lax')
 CSRF_COOKIE_HTTPONLY = False
 
+# Share cookies across subdomains when needed (e.g. atonixdev.org + api.atonixdev.org).
+# Set COOKIE_DOMAIN=.atonixdev.org in production if the frontend needs to read csrftoken.
+COOKIE_DOMAIN = config('COOKIE_DOMAIN', default='').strip() or None
+if COOKIE_DOMAIN:
+    SESSION_COOKIE_DOMAIN = COOKIE_DOMAIN
+    CSRF_COOKIE_DOMAIN = COOKIE_DOMAIN
+
 # Content Security Policy (start in report-only to avoid breaking third-party assets)
 CSP_REPORT_ONLY = config('CSP_REPORT_ONLY', default=True, cast=bool)
 CSP_DEFAULT_SRC = ("'self'", 'https:', 'data:')